SSL Certificate FAQs

What is SSL, and what is an SSL certificate?

SSL stands for Secure Sockets Layer. It is an encryption layer that encodes information that is exchanged between a client and a server, protecting the transmission of sensitive and private data.

An SSL certificate allows you to apply SSL encryption technology to your site, so that information traveling from it is encrypted. SSL certificates are expected by consumers for any site that handles sensitive information like identity information, credit card numbers, or confidential records.

How does an SSL certificate work?

An SSL certificate is a file installed on the web server that a web site is running on. This file is composed of two segments. The first is the public key, which encrypts data. The second is the private key, which decrypts data. When a client, such as a web browser, connects to an SSL secured server a unique session is created using these two keys. All data transmitted during this session is protected, and cannot be decrypted by any party other than that specific client and the server.

Why do I need an SSL certificate for my site?

If your site sends or receives sensitive information, customers expect it to be secured with an SSL certificate. Many will leave your site if they see that it is not secured.

Do you sell chained certificates?

What is a CA?

CA stands for certificate authority. A CA is the company issuing the SSL certificate.

What is the difference between a domain validation certificate and higher assurance certificates?

Domain Validation certificates authenticate that the purchaser of the cert also owns (or administers) the domain name to which the cert will be applied. This lowest level of authentication also offers the lowest prices and allows you to secure your web site the most rapidly.

Organization Validation certificates receive some scrutiny to confirm the relationship between the domain name, domain owner, and the business for which the certificate will be used.

Extended Validation certificates require the certificate authority (the company issuing the certificate, such as GeoTrust or Symantec) to perform a more extensive verification of the purchaser's business and their authority to purchase a certificate on behalf of that company. Once installed, EV certificates turn the browser address bar green to give visitors a visual cue that this is a trustworthy site.

What benefit is there to purchasing a higher validation certificate?

Low assurance certificates encrypt the connection. Higher validation certificates perform the same encryption, and add peace of mind for your visitors by showing them that the certificate authority has validated your site as belonging to a legitimate business.

What does the green address bar do?

The green address bar gives an intuitive visual cue that your business is legitimate. The green bar is only available with Extended Validation (EV) certificates. In contrast, major web browsers have integrated anti-phishing protection so that known phishing sites will display a red address bar. Studies have shown a strong, positive impact for businesses that use EV certificates.

Why is the brand of certificate important?

Functionally, all certificates with the same level of encryption perform similarly. However, for discriminating customers, branding in certificates has the same effect as designer clothing: it gives sophisticated customers assurance that you're a sophisticated business.

How do visitors know what kind of SSL certificate I'm using?

To find out what SSL certificate you use, visitors simply click the lock icon in their browser's address box. A new window pops up with information about your certificate.

Do SSL certificates work in all web browsers?

SSL Certificates are compatible with 99.9% of all browsers, including all major web browsers.

I changed web servers and my certificate no longer works. Can I get the certificate reissued?

Yes. On your new web server, generate a new CSR for your certificate. Contact the certificate issuer with the new CSR and they will provide you with a new certificate.

Can I upgrade my SSL Certificate?

Once you purchase a certificate, we can't upgrade it. However, if you need a more secure certificate immediately, you can purchase it and install it on the same web server as the old certificate. If you don't need the more secure certificate immediately, you can wait until your current certificate expires and install a more secure one at that time.

What is SGC?

Server Gated Cryptography (SGC) was developed for legacy computers and browsers that only support 40 or 56-bit SSL encryption to "step up" to 128-bit SSL encryption. Without an SGC certificate, web browsers and operating systems that do not support 128-bit strong encryption will receive only 40- or 56-bit encryption.

Do I need technical expertise to set up an SSL certificate on my web site?

Installing a certificate is not difficult, but it does involve a process that's specific to each individual web server. Certification Authorities publish instructions for generating the Certificate Signing Request (CSR) and installing the certificate.

What is a CSR?

CSR stands Certificate Signing Request. A CSR is a special key generated by a web server using that server's unique private key. The CSR is sent to the certificate issuer, which generates the final certificate.